Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
| reply to Daniel
Re: Trojan detection
said by Daniel  :Well, we don't want to avoid giving someone the advice they need because it would be inconvenient. If someone is infected with a serious trojan we need to recommend reinstallation regardless of how uncomfortable that would be. well there are about 50 threads like this one in the last 5 days here at DSLR Security Forum..so start posting in each your reformat/reinstall info in each 
Since you assume the "if" before you understand the what?
That should take care of them all and no reason for them to even post in the first place. 
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/ |
|
Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs: 
| reply to The Penguin
said by The Penguin :Acquaintance reckons he has a trojan on his pc that he cannot get rid of. This seems pretty clear to me, NameGame. What part of it is ambiguous to you? Does it sound like they're not sure? Does it sound like minor adware?
Again, the best practice is reinstallation in this type of scenario. Go find me someone who does security for a living that disagrees.
--
dmiessler.com -- grep understanding knowledge |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
2 edits | I 'reckon' it would not.. since he seems to already have a 'name' for itIt comes up as injecterx (tri)
..and you don't just pull those names out of your hat.
You have to use those "tools" you seem to be so against that popup and tell you there might be a bad boy on your system and it's name..so then you find out the real files it is calling out and you concentate on those..since many AV's find them in the temp or temp internet file.. system restore..or even in the uploaded sig. you get from other antimalware products..or even the quarantine folder of other AV products as they scan.. and it goes on and on..
Besides the fact that only this week and last..many of those Commerical AV and Antimalware products just added to their signature base a Trojan.Injector.S on a new bad boy..but unfortunately..many are calling it out wrong and its a false positive on legit files.
So again your assumptions are premature.
unless you would tell each one of these people who posted and started a thread here..
»Security Cleanup
to stop waisting everyones time..and go reinstall.
Trojans are not boogie men. Some of the best Security tools out there "walk and talk like a trojan"..but they have been Identified as useful and in some cases necessary.
--
Gladiator Security Forum »www.gladiator-antivirus.com/
Missing Kids
»www.missingkids.com/ |
|
Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:
| Right, so if it's not a trojan you shouldn't reinstall. If it is, you should reinstall. I'm glad we had this talk.
--
dmiessler.com -- grep understanding knowledge |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
1 edit | said by Daniel :Right, so if it's not a trojan you shouldn't reinstall. If it is, you should reinstall. I'm glad we had this talk. Me too..now let's go clean off a few trojans while you reformat..and don't forget the low level..
Tr. injector aka all-in-one (see s/shot) *Part detection and removal
*The exe and run entry in registry are detected and removed but the rootkit + archived copies of components held in seperate folders still remain cloaked and rootkit is still active
»img53.imageshack.us/img53/997/cs···eim0.jpg
»www.wilderssecurity.com/showthre···t=171437
»www.castlecops.com/t180887-Rootk···ved.html
--
Gladiator Security Forum »www.gladiator-antivirus.com/
Missing Kids
»www.missingkids.com/ |
|
Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:
1 edit | reply to The Penguin
Heh, guess what I found?
»Security »When should I re-format? How should I reinstall?
Some of my favorite quotes:
said by The DSLR FAQ on Reinstalling :
It is dangerous and incorrect assume that simply because one backdoor trojan has been removed from a computer that the computer is now secure. said by The DSLR FAQ on Reinstalling :
The experts at CERT and SANS don't think an on-site team of certified trained and experienced professionals can reliably clean a system that has had a backdoor installed, up to the standards of everyday commercial and institutional use. So how can one expect to do that long distance? said by The DSLR FAQ on Reinstalling :
Give them enough information about the risks to make their own informed decision. Let them decide based on what they use their computers for, their assessment of the risks, and their financial and technical resources, whether the re-format and re-install is actually done. So let me rephrase my answer. If you have anything you care about on a computer, and you think you may have been infected with a trojan, you should reinstall.
Or, to put it another way, if you have NOTHING on your system that you care about, including what you plan on doing with the system in the future, don't bother.
So anyone want to guess what the OP will decide?
--
dmiessler.com -- grep understanding knowledge |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
| The decision process already started in the first post by the OP's friend to clean it off..and asked "Anyone know what this could (be) and how to get rid of it?"
So the best assumption would be 'it' is not the hard drive or the current load of software on it..but I guess the next step could be... tell em to get a MAC.
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/ |
|
Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:
1 edit | said by Name Game :...but I guess the next step could be... tell em to get a MAC. I don't think a MAC will help them in this case (unless he's worried someone's spoofing his friend), but perhaps a good system running OS X (a Mac) would improve things.
--
dmiessler.com -- grep understanding knowledge |
|
